diff options
| author | h5p9sl <21267024+h5p9sl@users.noreply.github.com> | 2021-01-24 10:52:26 -0700 |
|---|---|---|
| committer | h5p9sl <21267024+h5p9sl@users.noreply.github.com> | 2021-01-24 10:52:26 -0700 |
| commit | b134b8d8aaa193c6097f034e08fe8d54e51eabab (patch) | |
| tree | 13b4bd3cc146c4ffa0dd3edf36acbc19e6e9cb84 | |
| parent | 5032ee6dde5b33846570d9ea7af6b508755c708b (diff) | |
Add basic user page
| -rw-r--r-- | header.php | 4 | ||||
| -rw-r--r-- | thread.php | 6 | ||||
| -rw-r--r-- | user.php | 42 |
3 files changed, 47 insertions, 5 deletions
@@ -19,10 +19,10 @@ session_start(); <div id="user"> <?php if (isset($_SESSION['signed_in'])) { - echo 'Signed in as <b>' . $_SESSION['user_name'] . '</b>. <a href="includes/signout_inc.php">Log out</a>'; + echo 'Signed in as <a href="user.php?id='. $_SESSION['user_id'] .'">' . $_SESSION['user_name'] . '</a> <a href="includes/signout_inc.php">Log out</a>'; } else { echo '<a href="signin.php">Sign in</a> or <a href="register.php">Register an account</a>'; } ?> </div> - </nav>
\ No newline at end of file + </nav> @@ -15,7 +15,7 @@ if (mysqli_num_rows($result) == 0) { } else { while ($row = mysqli_fetch_assoc($result)) { echo '<section><h1>' . $row['thread_subject'] . '</h1>'; - echo 'Created by <b>' . $row['user_name'] . '</b> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>'; + echo 'Created by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>'; $thread_id = $row['thread_id']; } } @@ -36,7 +36,7 @@ if (mysqli_num_rows($result) == 0) { } else { echo '<table>'; while ($row = mysqli_fetch_assoc($result)) { - echo '<tr class="post"><td class="right">Posted by <b>' . $row['user_name'] . '</b><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>'; + echo '<tr class="post"><td class="right">Posted by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>'; echo '<td class="left">' . $row['post_content'] . '</td></tr>'; } echo '</table>'; @@ -64,4 +64,4 @@ if (isset($_SESSION['signed_in'])) { } include_once 'footer.php'; -?>
\ No newline at end of file +?> diff --git a/user.php b/user.php new file mode 100644 index 0000000..d424c59 --- /dev/null +++ b/user.php @@ -0,0 +1,42 @@ +<?php +include_once 'header.php'; +include_once 'includes/db_inc.php'; +?> + +<?php +function nobody_is_here() { + echo 'Nobody\'s here! <a href=index.php>Go home.</a>'; +} + +if (!isset($_GET['id'])) { + nobody_is_here(); +} else { + // If this is the user's own page, show the 'options' bar + if ($_SESSION['user_id'] == $_GET['id']) { + echo '<nav><a href=change_passw.php>Change Password</a>'; + echo '</nav>'; + } + echo '<section>'; + + $sql = 'SELECT user_id, user_name, user_date FROM users WHERE user_id=?'; + $stmt = mysqli_stmt_init($dbc); + + if (!mysqli_stmt_prepare($stmt, $sql)) { + die('Could not create thread due to internal error: ' . mysqli_error($dbc)); + } + mysqli_stmt_bind_param($stmt, 'i', $_GET['id']); + mysqli_stmt_execute($stmt); + $res = mysqli_stmt_get_result($stmt); + $user = mysqli_fetch_assoc($res); + + if (!$user) { + nobody_is_here(); + } else { + echo '<div><h1 style="font-weight:normal">User: <b>'. $user['user_name'] .'</b><sub style="font-size: small;">ID#'. $user['user_id'] .'</sub></h1></div>'; + echo 'Registered since '. date('M d, Y', strtotime($user['user_date'])); + } +} +?> +</section> + +<?php include_once 'footer.php'; ?> |